Things that you should know about DNS
j

Prabesh Thapa

August 16, 2020

In this article I will explain you things that you should know about DNS. We think we all know what DNS is and how it works, but we get sloppy at times. So, I decided to dig deep into DNS. I decided to write what I learned. I may not be able to include everything, but I will try to include things that you should know about DNS. So, let's begin by learning what is DNS?

What is DNS?

According to cloudflare,"Domain Name System" - DNS in Short - is like the phonebook of internet". Similar to a phonebook, we search username and try to tally with respective number, DNS works in similar way, by finding current IP associated with respective domain name. According to Amazon, "DNS is a service which translates human readable domain name (example.com) into machine readable IP addresses (192.168.12.3). DNS is the backbone of the internet, without it you will not be able to visit all the website. Imagine, remembering all the IP addresses for your favorite websites.

How does DNS works?

When user requests any webpage in the browser and presses ENTER key, user computer (DNS client) performs something called DNS query. DNS Query is query requesting IP address of the server where DNS client has to look to fetch the content of the website. Basically, a DNS query is just requesting an IP associate with the domain.

Now, you must have some idea of how DNS works, it resolves domain name into IP. There is another things that you should be aware of which is DNS Hierarchy.

Image above is the DNS hierarchy structure. From the image above you can see how DNS is structured, on the top there is root server, below those there are TLD (Top Level Domain) servers, below those there are authoritative DNS server, and so on.

Moving forward, there are few terminologies that you need to know before knowing how DNS query works.

They are:

  • Stub Resolver: A stub resolver is a program running in the host operating system. It acts as the intermediate between DNS resolver and application requiring DNS resolution.
  • Name Server: A Name server is a server on which DNS software is installed. It is a server which manages all the domain names associated with their customer if it is a hosting provider. If a company hosts their own name server then, it contains records which points domain query to associated server.
  • DNS Resolver: Before checking for the associated IP address in the internet, there is a component which checks in local cache of local DNS server, whether the IP for the associated domain is there or not. This component is known as DNS Resolver.
  • Root DNS Server: This the the topmost server in the DNS hierarchy. It is usually symbolized as dot i.e "." . This is the first place where DNS query hits while resolving from domain name to IP. Root DNS server is the DNS server for root zone or ".". These are the authoritative DNS server that server root domain. There are 13 root DNS server which is managed by IANA under ICANN.
  • TLD DNS Server: TLDs are the highest level of domain name in the DNS hierarchy of the internet apart from root which is hidden. TLDs are the domain name that comes after the last dot in the FQDN (Fully Qualified Domain Name). For example: In domain sysadminsociety.com, ".com" is the TLD or Top Level Domain, in domain sysadminsociety.net ".net" is the TLDs. It is looked after and managed by IANA (Internet Assigned Number Authority).
  • Authoritative DNS Server: It is the DNS server which has ultimate authority for that given domain. In other words, this DNS server holds up to date information about the given domain. Authoritative DNS server is the last stop in the DNS query process.

Since you are now aware of DNS hierarchy and terminologies used. We can move forward to learn more about DNS query.

There are four types of DNS queries in DNS:

1. Iterative DNS query:

Iterative query can be understood using image below:

In iterative DNS query, it asks the referred DNS server for the best answer which the server has regarding the domain. when DNS client request for the domain then, it is first sent to the DNS resolver. If it has the relevant information of the domain in its cache then it returns the same. If not, it refers us with referral to the root server. The root server checks its records and then if it did not find any, then it does not query other servers but instead refer us another DNS server which might have the answer, after getting the referral, it queries the referred DNS server for answer. DNS resolver must iterate like this until it find the information which it eventually finds in respective domain Authoritative DNS server. So, from number 2 till number 7 is the iterative part of the iterative query process.

2. Recursive DNS query

Recursive DNS query can be understood by using the image from the above iterative query. In the above diagram on number 1 and number 8 it is getting a response back. This is recursive part of the recursive DNS query where the DNS resolver in this case the local DNS server "must" but provide back a response whether it be the resolved IP or the error message i.e domain or server not found message. Note this, during recursive phase of query, the DNS server MUST provide back some response. Other than this, from number 2 to number 7 its all iterative.

3. Non-recursive DNS query

This one is a bit interesting, this type of queries are the queries that your server is authoritative for. For example, if your local DNS server is authoritative DNS server for example.com then when you query example.com to your local DNS server, then it does not need to go through all those iterative process to provide you with response.

4. Inverse query

Inverse query are the query opposite of normal host name to IP query. They are also call reverse mapping or reverse lookup query.

After you all of these things, you should know what DNS Zone is?

So, What is a Zone?

A zone is a specific portion of the DNS namespace which is managed by organization or administrator. DNS Zone provides a granular control of the namespace. A DNS Zone starts at a domain in the DNS hierarcy and can extend down to its subdomains so that it is managed by single authority. A Zone is not a domain but a portion of the DNS namespace stored in a file. A zone might contain multiple nodes in the DNS namespace tree.

Now, we need know what are records and types of records in DNS.

So, What is a DNS record and what are their types?

A DNS records are the entries in DNS Zone configuration file which have their specific function during translation. With help of records DNS query can achieve complete resolution. There are different types of DNS records. They are A, SOA, CNAME, MX, SRV, TXT, AAAA which are the most widely used DNS records. There are other DNS records which are experimental such as MG, MB, MR, NULL.

I will be explaining in depth about these records when we configure our own DNS server. Till then this information should be enough to give you overview of DNS. Now, since we have most of the knowledge that is required about DNS, now we should be ready to set up our own DNS server. I will be configuring DNS server on next article.

Thank you for reading till the end :). Please leave a feedback if you think other things could be included in there.

Practical implementation:

FYI, Other than RRSIG everything is self explanatory. RRSIG stands for RRset Signature, it holds DNSSEC signature for a record. Using this resolvers can verify signature with public key stored in DNSKEY-record.

prabeshthapa@192-168-1-105  ~ dig +trace google.com 

; <<>> DiG 9.10.6 <<>> +trace google.com

;; global options: +cmd

.                             55418    IN           NS          m.root-servers.net.

.                             55418    IN           NS          b.root-servers.net.

.                             55418    IN           NS          c.root-servers.net.

.                             55418    IN           NS          d.root-servers.net.

.                             55418    IN           NS          e.root-servers.net.

.                             55418    IN           NS          f.root-servers.net.

.                             55418    IN           NS          g.root-servers.net.

.                             55418    IN           NS          h.root-servers.net.

.                             55418    IN           NS          i.root-servers.net.

.                             55418    IN           NS          a.root-servers.net.

.                             55418    IN           NS          j.root-servers.net.

.                             55418    IN           NS          k.root-servers.net.

.                             55418    IN           NS          l.root-servers.net.

.                             55418    IN           RRSIG    NS 8 0 518400 20201012170000 20200929160000

46594 . WAhDHzls10ZafaK3Zuk5TjJn2SnPhdzT19ijCSVmrg1G1k7ksb/ajftZ KVn7zCGq6Lhc/uYiiXidTpnpisRFgS1JsXTQuHWuw+E+MQpE95+kmK3N zr8mU51cLCqOmRCNENRMHDYHbYNWrQh0dQcUnsoxY9j8rx9DNj4WV6Xd K54wQ+6lYsalnTmJrFfnvUOK2L4OnHXAEnU4BxC4Jk4gKRcn0cZAuTnE jnMsnZFg/5jayJXWI1Uwmdwa3ZOIV6NjpcSCZRj12r/JTqcogSJv65ac jo9C/Mn1L+rX1yIprx63oHGHOLENcTGFltrO/I7MwNHEmSLy2Nl1c5w7 DFsqMQ==

;; Received 1097 bytes from 192.168.1.1#53(192.168.1.1) in 43 ms

com.                              172800  IN           NS          l.gtld-servers.net.

com.                              172800  IN           NS          b.gtld-servers.net.

com.                              172800  IN           NS          c.gtld-servers.net.

com.                              172800  IN           NS          d.gtld-servers.net.

com.                              172800  IN           NS          e.gtld-servers.net.

com.                              172800  IN           NS          f.gtld-servers.net.

com.                              172800  IN           NS          g.gtld-servers.net.

com.                              172800  IN           NS          a.gtld-servers.net.

com.                              172800  IN           NS          h.gtld-servers.net.

com.                              172800  IN           NS          i.gtld-servers.net.

com.                              172800  IN           NS          j.gtld-servers.net.

com.                              172800  IN           NS          k.gtld-servers.net.

com.                              172800  IN           NS          m.gtld-servers.net.

com.                              86400    IN           DS           30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766

com.                              86400    IN           RRSIG    DS 8 1 86400 20201012170000 20200929160000 46594 . BDZQLtzru//MEjhDMS6CH3aqrzRNwZAElkoX6uYhiw88dcRXfOjVGMFl WLsF+mmCRdvxdPnT7TNkbUQYlvtpBNqq/iHLSaKZ8NRwtpJRK/OTDyVk O+o/iiByLuOjq+xrF3SS/oUMuNnq0azR1qzm+oRSMFglck3LE9wnZKVk Y2jNrC0lDyjKkOThDuSfAT6a7gICPT1uFho0tdxhUKMcW1PWVEJ3Pr5Q fQgDaKP1RkOhoSqEo1HnEG39ptLKc65jnQORGMpDK7dskxH+ak6yWhjB LbwUPUamwH4Saehti66u9NVBpoR6WmKg75ChZ1bLLNH+y1DQBJUNIo3P UzLwSQ==

;; Received 1170 bytes from 192.203.230.10#53(e.root-servers.net) in 23 ms

google.com.                       172800  IN           NS          ns2.google.com.

google.com.                       172800  IN           NS          ns1.google.com.

google.com.                       172800  IN           NS          ns3.google.com.

google.com.                       172800  IN           NS          ns4.google.com.

CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A  NS SOA RRSIG DNSKEY NSEC3PARAM

CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20201004044123 20200927033123 24966 com. mfMj0mWhB7y6rOePA3ZB43jj8Qi/8U8+mHOaQtTMs/Dko4vx3RgNQpc1 qLCNOdgVS2iz/M+OXWwUPxl2pZIDjWM0V+12tVFHJRNvlZEihsTD6J+m IwRaFqx7t98vQHls5R02Rl+7zq2RenAEdFiFno249WDp6LBb51i+tC50 dymKNGwudjNZ8k/o/1c7nnVBjMMY9MbIxO48LI57CpmJuw==

S84BDVKNH5AGDSI7F5J0O3NPRHU0G7JQ.com. 86400 IN NSEC3 1 1 0 - S84CDVS9VPREADFD6KK7PDADH0M6IO8H  NS DS RRSIG

S84BDVKNH5AGDSI7F5J0O3NPRHU0G7JQ.com. 86400 IN RRSIG NSEC3 8 2 86400 20201005043616 20200928032616 24966 com. qIma1aYS4imNXqF4cRx/ZHxTuqeRKuTNmEHRJrsPYRaRPhMqil03GHem 59EU4oY4/Emg/blu+Qw851X4Rhi9ilLf2fyafaWXgDl0Ouyz6NWDzP7Q aMK+ap42U8pFX1kv1PTKkw3I8usEImGGhP2i3lsR9svQdOa9Awot5tez lrXzN/F9t6dNDv5h/KNxIY+zYXZzwel1sRZXEkXRZgYq6Q==

;; Received 836 bytes from

192.55.83.30#53(m.gtld-servers.net) in 194 ms

google.com.               300       IN        A         142.250.66.206

;; Received 55 bytes from 216.239.38.10#53(ns4.google.com) in 235 ms

 

References:

Prabesh is an avid Linux enthusiast and open source advocate. He is currently working as a DevOps engineer in Audinate. He has completed his masters in networking with major in computer security. Professionally he works DevOps in day and tkinter around with technologies and research during the night.

Prabesh Thapa

DevOps / SRE Engineer , Cloud and Automation

Get connected with Prabesh :

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Related Articles